CISSP® Certification Training

CISSP® Certification Training

The course covers the 8 domains of the CISSP Common Body of Knowledge as reorganised in early 2015 and fully includes the updates that came into effect from 1 April 2018. The course will broaden and deepen your understanding of the domains and give preparation for the (ISC)2 CISSP certification examination.

80% of Global Fortune 500 organizations are expected to adopt DevOps by 2021 – CA.

ADP, BBC News, ebay, GE, ING, Intuit, PayPal, Splunk, Uber & other MNCs worldwide use DevOps.

Be future ready. Start learning
Structure your learning and get a certificate to prove it.
Start Learning

Cissp UpComing Batches

Nov-04 - Dec-16

Weekend
SOLD OUT

Timings: 07:00 AM To 10:00 AM (IST)

350.00     Enroll Now

Nov-16 - Dec-28

Weekend
FILLING FAST

Timings: 07:00 AM To 10:00 AM (IST)

350.00     Enroll Now

Dec-07 - Jan-18

Weekday

Timings: 20:30 PM To 23:30 PM (IST)

350.00     Enroll Now
Be future ready. Start learning
Structure your learning and get a certificate to prove it.
Start Learning

Course Curriculum

CISSP® Certification Training

SELF PACED

The course covers the 8 domains of the CISSP Common Body of Knowledge as reorganised in early 2015 and fully includes the updates that came into effect from 1 April 2018. The course will broaden and deepen your understanding of the domains and give preparation for the (ISC)2 CISSP certification examination.

  • WEEK 5-6
  • 10 Modules
  • 6 Hours
Self Paced

Topics:
  • Welcome and Administrivia.
  • Course Overview.
  • Review and Revision Techniques.
  • References.
  • Specialised References and Additional Reading.
  • Other Resources.
  • The “CISSP World-View”.
  • The Exam.
  • On the Day of the Exam.
  • Exam Technique.
  • After the Exam.
  • CISSP Concentrations.
  • Blended Learning Follow-up.

Topics:
  • Privacy Requirements(Transborder Data Flows,Data Breaches).
  • Intellectual Property.
  • Computer Ethics and Professional Ethics.
  • Risk Management Concepts.
  • Definitions of Risk.
  • Risk Management Processes (SP800-30, ISO27005).
  • Information Risk Analysis.
  • Audit Frameworks and Methodologies.
  • Countermeasures and Controls(Control Assessment, Testing and Monitoring).
  • Threat Modeling.
  • Business Continuity Requirements.
  • Development of Business Continuity and Disaster Recovery Plans.
  • Security Policies.
  • Standards.
  • Procedures.
  • Guidelines.
  • Personnel Security.
  • Acquisitions Policy and Strategies.
  • Security Education.
  • Awareness and Training.

Topics:
  • Security Engineering Lifecycle.
  • Systems Architecture.
  • Enterprise Security Architecture.
  • Security Models(Mandatory Access Control Models,Discretionary Access Control).
  • Evaluation.
  • Certification and Accreditation,Evaluation Schemes.
  • Security Implementation Guidelines.
  • Frameworks and Standards.
  • Database Security.
  • Vulnerabilities(Architectural Vulnerabilities,Distributed Computing,Remote and Mobile Computing,Process Control and SCADA,Embedded Systems and the Internet of Things).
  • Cryptology(Types of Cryptoprimitives,Classical Cryptography,Symmetric Cryptoprimitives,Unkeyed and Keyed Hashes).
  • Public Key Cryptosystems(Authentication & Digital Signatures,Public Key Infrastructure).
  • Key Management(Advanced Concepts – Quantum computing, etc.,Cryptanalysis and Attacks).
  • Site Planning and Design(Security Survey,Crime Prevention Through Environmental Design).
  • Facility Security(Physical Security Principles,Data Centers, Server Rooms and Wiring Closets,Secure Work Areas).

Topics:
  • Security Audit, Assessment and Testing Concepts(First-Person and Third-Party Audits).
  • Software Security Assessment(Unit Testing).
  • Integration Testing(Regression Testing,Advanced Techniques and Tools – Fuzzers, Model Checkers, Automated Theorem Provers).
  • Systems Security Assessment.
  • Network Security Assessment.
  • Networking Principles(Protocol Layers,ISO/OSI vs TCP/IP).
  • Physical Layer(Local Area Network Protocols,Wide Area Network Protocols).
  • Physical Layer Attacks.
  • Network Layer(IP Addressing and Routing,IP Protocol Operation,ICMP Protocol,Dynamic Routing Protocols,Software Defined Networking,Network Layer Attacks).
  • Transport Layer(Transport Layer Concepts,UDP,TCP,Other Transport Layer Protocols,Transport Layer Attacks).
  • Application Layer(Application Layer Protocols,Directory Services – BIND, LDAP, etc.,Remote Access and File Transfer,Email,Web – HTTP, VOIP, Instant Messaging and Collaboration).
  • Application Layer Vulnerabilities and Attacks(Network Security Testing and Assurance,Continuous Security Monitoring).


Topics:
  • Information Assets – Identification, Ownership.
  • Data Standards and Policy.
  • Information Classification.
  • Handling Requirements.
  • Data Retention Policy, Destruction and Disposal.


Topics:
  • Networking Principles(Protocol Layers,ISO/OSI vs TCP/IP).
  • Physical Layer(Local Area Network Protocols,Wide Area Network Protocols,Physical Layer Attacks).
  • Network Layer(IP Addressing and Routing,IP Protocol Operation,ICMP Protocol,Dynamic Routing Protocols,Software Defined Networking,Network Layer Attacks).
  • Transport Layer(Transport Layer Concepts,UDP,TCP,Other Transport Layer Protocols,Transport Layer Attacks).
  • Application Layer(Application Layer Protocols,Directory Services – BIND, LDAP, etc.,Remote Access and File Transfer,Email,Web – HTTP,VoiP, Instant Messaging and Collaboration).
  • Application Layer Vulnerabilities and Attacks.
  • Network Security Testing and Assurance.



Topics:
  • Basic Concepts: Trust, Identity, Authentication and Access Control.
  • Authentication Techniques(Password Management,Tokens, Badges, Smartcards and Other Devices,Biometric Techniques).
  • Authorization and Access Control.
  • Mandatory Access Control(Multi-Level Systems,Role-Based Access Control,Rule-Based Access Control).
  • Discretionary Access Control.
  • Capability-Based Systems(Federated Identity Management Systems).
  • Identity Management Lifecycle.

Topics:
  • Application Development Concepts(Programming Languages,Development Tools,Object-Oriented Concepts and Security,Third-Party Libraries and Frameworks).
  • Vulnerabilities Introduced During Development(Buffer Overflows,Format String Vulnerabilities,Input /Output Sanitization,Citizen Programmers,Covert Channels,Time-of-Check/Time-of-Use Vulnerabilities,Object Reuse,Trapdoors and Backdoors,Executable Content and Mobile Code).
  • Software Development Methodologies(Software Development Life Cycle,Security Activities in the SDLC,Prototyping, Iterative and Agile Techniques,Cleanroom and Formal Methods,Continuous Delivery and DevOps,Maturity Models).
  • Databases and Data WarehousesDatabase ConceptsDatabase Vulnerabilities and Controls,Unstructured Data and Knowledge Management).
  • Web Application Security(Web Application Architectures and Languages).
  • Common Vulnerabilities(SQL and Command Injection,Cross-Site Scripting (XSS),Cross-Site Request Forgery,Insecure Direct Object Access,Incorrect Session Management,Insecure Configuration,Inadequate Use of TLS).
  • Software Acquisition.

Topics:
  • Security Operations and Operations Security.
  • Segregation of Roles.
  • Job Rotation.
  • Dealing with Privileged Accounts and Users.
  • Information Lifecycle.
  • Threats and Vulnerabilities.
  • Malware.
  • Viruses.
  • Worms.
  • Trojans.
  • Rootkits.
  • Remote Access Trojans.
  • Spyware and Adware.
  • Logic Bombs.
  • Social Engineering.
  • Phishing, Spear-Phishing, Pharming and Botnets.
  • Hoaxes and Pranks.
  • Configuration and Change Management.
  • Patch Management and Vulnerabilities.
  • Security Metrics.
  • Monitoring and Reporting.
  • Network Monitoring and Logging.
  • Systems Monitoring and Logging.
  • Incident Response.
  • First Response.
  • Containment.
  • Investigation.
  • Recovery.
  • Crime Investigation.
  • Evidence Collection and Handling.
  • Evidence Processing and Forensics.
  • Presentation in Court.
  • Business Continuity and Disaster Recovery.
  • Plan DevelopmentRecovery Strategies.
  • Plan DocumentationTraining.
  • Testing.
  • Physical Security.
  • Personnel Safety.

Program Syllabus

Curriculum

You can also view the program syllabus by downloading this program Curriculum.

Course Certification

OL Tech Edu’s Certificate Holders work at top 500s of companies like

certificate

Features

Explore step by step paths to get started on your journey to Jobs of Today and Tomorrow.

Instructor-led Sessions

30 Hours of Online Live Instructor-Led Classes.
Weekend Class : 10 sessions of 3 hours each.

Real Life Case Studies

Real-life Case Studies

Live project based on any of the selected use cases, involving implementation of the various real life solutions / services.

Assignments

Assignments

Each class will be followed by practical assignments.

24 x 7 Expert Support

24 x 7 Expert Support

We have 24x7 online support team to resolve all your technical queries, through ticket based tracking system, for the lifetime.

Certification

Certification

Towards the end of the course, OL Tech Edu certifies you for the course you had enrolled for based on the project you submit.

Course FAQ's

Enroll, Learn, Grow, Repeat! Get ready to achieve your learning goals with OL Tech Edu View All Courses

© 2015 - 2024 OL Tech Edu. All Rights Reserved.
Designed, Developed & Powered by MNJ SOFTWARE

The website is best experienced on the following version (or higher) of Chrome 31, Firefox 26, Safari 6 and Internet Explorer 9 browsers